Details have emerged of three new incidents: a breach of Big Fish Games' website, malware on the Jefferson National Parks Association's gift shop POS systems, and a spear-phishing attack targeting employees of State of Franklin Healthcare Associates. NNT provides more details of what happened and how, and of how other organizations can protect themselves.

 

Big Fish Games have reported this week that they self-discovered an incident on January 12, 2015, which involved the theft of payment card data and Personally Identifiable Information from their website. Customers affected made purchases between December 24, 2014, and January 8, 2015.

Their letter to affected customers goes on to state that the malware has been removed and they have taken steps to prevent a reinstallation.

It isn’t clear at this stage how the malware infection was instigated, or whether there is any link to the previously reported breaches at other eCommerce/Web retailer sites such as Book2Park.com, Park ‘N Fly, and IDParts.com.

Book2Park.com breach details here 

Park ’N Fly and IDParts.com breaches detailed here

 

Jefferson National Parks Association issued a press release last week reporting that malware had been discovered on POS systems at the Levee Mercantile and Museum Store gift shops.

The malware had been in place since August 2014, and JNPA was eventually identified as the source in December. Payment card brands and providers correlate fraudulent transactions to identify a factor common to all of them. This allows the breach source to be pinpointed and action to be taken, but it always takes time for victims to notify their bank of suspicious transactions, by which time the card data theft has already been running for months.
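The correlation step described above can be sketched as a common-point-of-purchase check. This is an added example, not code from NNT or any card brand; the card IDs, merchant names, dates and the `min_share` threshold are constructed assumptions.

```python
from collections import defaultdict
from datetime import date

# Constructed sample data (card, merchant, purchase date); all names are hypothetical.
TRANSACTIONS = [
    ("c1", "GiftShop-A", date(2014, 8, 14)), ("c1", "Grocery-B", date(2014, 9, 2)),
    ("c2", "GiftShop-A", date(2014, 9, 20)), ("c2", "Grocery-B", date(2014, 10, 1)),
    ("c3", "GiftShop-A", date(2014, 10, 5)), ("c3", "Fuel-C", date(2014, 10, 11)),
    ("c3", "Grocery-B", date(2014, 10, 12)), ("c4", "GiftShop-A", date(2014, 11, 23)),
    ("c4", "Grocery-B", date(2014, 11, 30)), ("c5", "Grocery-B", date(2014, 9, 9)),
    ("c5", "Fuel-C", date(2014, 9, 15)), ("c6", "Grocery-B", date(2014, 10, 3)),
    ("c7", "GiftShop-A", date(2014, 7, 4)), ("c7", "Grocery-B", date(2014, 8, 1)),
    ("c8", "Grocery-B", date(2014, 11, 2)), ("c8", "Fuel-C", date(2014, 11, 8)),
]
FRAUD_CARDS = {"c1", "c2", "c3", "c4"}  # cards whose holders reported fraud


def common_points(transactions, fraud_cards, min_share=0.8):
    """Return merchants used by most fraud-reported cards but not by most clean cards."""
    if not fraud_cards:
        return []
    cards_at = defaultdict(set)      # merchant -> every card seen there
    fraud_dates = defaultdict(list)  # merchant -> purchase dates of fraud-reported cards
    for card, merchant, when in transactions:
        cards_at[merchant].add(card)
        if card in fraud_cards:
            fraud_dates[merchant].append(when)
    clean_cards = set().union(*cards_at.values()) - fraud_cards
    suspects = []
    for merchant, cards in cards_at.items():
        fraud_share = len(cards & fraud_cards) / len(fraud_cards)
        clean_share = len(cards & clean_cards) / len(clean_cards) if clean_cards else 0.0
        # A merchant everyone uses (e.g. a supermarket) scores high in both groups
        # and is not evidence; require the fraud-reported group to stand out.
        if fraud_share >= min_share and fraud_share > clean_share:
            suspects.append({
                "merchant": merchant,
                "fraud_share": fraud_share,
                "clean_share": clean_share,
                # First and last purchase by an affected card: the real exposure
                # period is at least this long.
                "window": (min(fraud_dates[merchant]), max(fraud_dates[merchant])),
            })
    return sorted(suspects, key=lambda s: s["fraud_share"] - s["clean_share"], reverse=True)


if __name__ == "__main__":
    for suspect in common_points(TRANSACTIONS, FRAUD_CARDS):
        print(suspect)
```

The window only widens as more cardholders report fraud, which is why the common source tends to be confirmed months after the first card was skimmed.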

2014 saw numerous high-profile POS malware attacks resulting in card data theft, including the recently reported Marriott Hotel breach, Chick-Fil-A, and Staples, leading to renewed focus on PCI DSS requirements for system hardening and File Integrity Monitoring.

Suspected POS breach at Chick-fil-A: Did the PCI DSS fail?

The Jefferson National Parks Association press release is here

 

Finally, employees at State of Franklin Healthcare Associates have been targeted in a spear-phishing scam. The intent of the attack was to elicit social security numbers and personally identifiable information, which would then be used to file fake tax returns and claim refunds. Why this particular organization’s employees were targeted is unclear, but it is well known that the more targeted and personalized a phishing attack is (at which point it becomes classed as spear phishing), the more likely it is to bear fruit. For our notes on phishing attack protection, see our article ‘Batten down the hatches! Looking at ways to enhance protection against ransomware, APTs and other phishing malware’.

The original State of Franklin Healthcare Associates attack report is here 
